Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

itwbennett (1594911) writes "Symantec and RSA published details on their blogs on Tuesday about the iBanking Android program, which is being used by two Eastern European cybercrime groups to intercept one-time SMS passcodes used for logging into bank accounts. IBanking's source code was leaked in February, which should have caused its price to drop. But its developer has continued to develop iBanking and provide support, and the malware is still commanding $5,000 per copy, one of the highest prices seen for a type of malware, according to research from Symantec."

Like all these stories, $5,000 may be the "sticker" or asking price. How many sold at this price or at any price is the important metric.

The market for this kind of software is fairly small.. so 5k is very cheap... it's probably not feasible to hire real developers to do this.
I wouldn't be surprised if this guy could be making more money making enterprise software. SharePoint plugins, various CMS plugins, etc...

To a petty thief 5k is a lot of money, but for a legitimate business it's rather cheap, compared to doing any kind of development.

According to the article, the victim has to install an app from a pop-up. If the user leaves "Unknown sources" turned off, the user can't get infected. I imagine that most people in the western world who turn on "Unknown sources" are users of third-party marketplaces that require "Unknown sources", such as Amazon Appstore or F-Droid. In order to get infected, you have to 1. turn on "Unknown sources", 2. forget to turn it off after you're done installing or updating apps from a third-party marketplace, and 3

According to the article, the victim has to install an app from a pop-up. If the user leaves "Unknown sources" turned off, the user can't get infected. I imagine that most people in the western world who turn on "Unknown sources" are users of third-party marketplaces that require "Unknown sources", such as Amazon Appstore or F-Droid. In order to get infected, you have to 1. turn on "Unknown sources", 2. forget to turn it off after you're done installing or updating apps from a third-party marketplace, and 3

I cannot speak for this special case, since I lack the detailed info, but in general, those 5k bucks usually give you more than just the program. Such groups usually sell the whole package, including servers, server software, malware and for a little more money also a spam service to carpet bomb mail addresses with the malware spam.

In other words, you needn't be in any way apt with computers to commit "cybercrimes" anymore. You can get the "for dummies" package, including detailed step by step instructions how to use it.

Why those groups don't simply do it themselves and sell it instead? First, it's more profitable. And second, it's legal (for them at least, might be different in your country) to sell the software, but not to use it.

I've always thought tying accounts to your phone, via SMS or Phone number was a really dumb idea. Especially when the pervasive attitude is for apps to collect as much information about you as possible and read text messages. Combined with the fact that phone numbers are moved and traded all the time from person to person... Just a bad idea overall in my opinion.